Automated trust negotiation technology with attribute-based access control

Author

Winsborough, William H. ; Jacobs, Jay

Author_Institution

Network Associates Labs., Rockville, MD, USA

Volume

2

fYear

2003

fDate

22-24 April 2003

Firstpage

60

Abstract

The ABAC (attribute-based access control) ATN (automated trust negotiation) system introduces two innovations first presented in detail in Winsborough et al. (2002) and further developed in Winsborough et al. (2002). First, to control transmissions that could disclose whether or not the negotiator has a given attribute, the system uses the notion of attribute acknowledgment policies (Ack policies). Second, it uses the trust-target graph (TTG) protocol, which supports a powerful, yet efficient ABAC credential language, Ack policies, and distributed credential storage. The ABAC ATN system has been designed and implemented under the Attribute-Based Access Control (ABAC) project at Network Associates Laboratories with collaboration from the Agile Management of Dynamic Collaborations (AMDC) project at Stanford University and SRI. Both projects are part of DARPA´s Dynamic Coalitions program.

Keywords

authorisation; certification; military computing; protocols; ABAC credential language; ABAC project; AMDC project; ATN; Ack policies; Agile Management of Dynamic Collaborations project; DARPA; Dynamic Coalitions program; Network Associates Laboratories; SRI; Stanford University; TTG protocol; attribute acknowledgment policies; attribute-based access control; automated trust negotiation; distributed credential storage; trust-target graph protocol; Access control;

fLanguage

English

Publisher

ieee

Conference_Titel

DARPA Information Survivability Conference and Exposition, 2003. Proceedings

Print_ISBN

0-7695-1897-4

Type

conf

DOI

10.1109/DISCEX.2003.1194916

Filename

1194916